Defining Logging Policies

Each Directory Server in a topology stores logging information in
three files:

Access log. Lists the clients
that connect to the server and the operations requested.

Error log. Provides information
about server errors.

Audit log. Gives details about
modifications to suffixes and to the configuration.

Each Directory Proxy Server in a topology stores logging information in
two files:

Access log. Lists the clients
that connect to Directory Proxy Server and the operations requested.

Error log. Contains server
error messages.

You can manage the log files for both Directory Server and Directory Proxy Server in
these ways:

Defining log file creation policies

Defining log file deletion policies

Manually creating and deleting log files

Defining log file permissions

Defining Log File Creation Policies

A log file creation policy enables you to periodically archive
the current log and start a new log file. Log file creation policies can be
defined for Directory Server and Directory Proxy Server from the Directory
Control Center or using the command-line utilities.

When defining a log file creation policy, consider the following:

How many logs do you want to keep?

When this number
of logs is reached, the oldest log file in the folder is deleted before a
new log is created. If this value is set to 1, the logs
are not rotated and grow indefinitely.

What is the maximum size, in Megabytes, for each log file?

When a log file reaches this maximum size or the maximum age defined
in the next item, the file is archived. A new log file is started.

How often should the current log file be archived?

The
default is every day.

At what time of day should log files be rotated?

Time-based
rotation makes operations like log analysis and trending easier, because
each log file covers the same time period.

Log file rotation can also be based on a combination of criteria. For
example, you can specify that logs be rotated at 23h30 only if
the file size is greater than 10 Megabytes.

Defining Log File Deletion Policies

A log file deletion policy enables you to automatically delete
old archived logs. Log file deletion policies can be defined for Directory Server and
Directory Proxy Server from the Directory Service Control Center or using the command-line utilities.
A log file deletion policy is not applied unless you have defined a log file
creation policy. Log file deletion will not work if you have just one log
file. The server evaluates and applies the log file deletion policy at the
time of log rotation.

When defining a log file deletion policy, consider the following:

What is the maximum size of the combined archived logs?

When the maximum size is reached, the oldest archived log is automatically
deleted.

What is the minimum free disk space that should be available?

When the free disk space reaches this minimum value, the oldest archived
log is automatically deleted.

What is the maximum age of log files?

When a log
file reaches this maximum age, the log file is automatically deleted.

Manually Creating and Deleting Log Files

If you do not want to define automatic creation and deletion policies
for Directory Server, you can create and delete log files manually. In
addition, Directory Server provides a task that enables you to rotate
any log immediately, regardless of the defined creation policy. This functionality
might be useful if, for example, an event occurs that needs to be examined
in more detail. The immediate rotation function causes the server to create
a new log file. The previous file can therefore be examined without the server
appending logs to this file.